ntlm_auth multiple domains
Jamie Crawford
crawford at cmsu1.cmsu.edu
Tue Sep 20 22:10:45 CEST 2005
I'm trying to validate a user from two trusted NT4 domains. I cannot get ntlm_auth --username=domainb/domainbuser to work. How are you supposed to validate a user with domain credentials, when you can't pass along the domain information? I think it's more of a limitation with ntlm_auth than anything.
tia,
jamie
>>> aland at ox.org 9/20/2005 11:45:49 AM >>>
"Jamie Crawford" <crawford at cmsu1.cmsu.edu> wrote:
> When I run ntlm_auth --username=domainauser everything works
> great. When I run ntlm_auth --username=domainbuser it fails because
> the user does not exist in domaina which the server is joined to.
You need to point winbindd to a global catalog server, and then
establish trust relationships between the GC and all of the domains.
> Would setting up realms help?
No. The limitation is due to Active Directory, not realms or
FreeRADIUS.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list